An exemplary attack scenario: threats to production engineering inspired by the Conficker worm

Abstract

In this article an existing formalisation methodology for malicious code [6] is used to describe characteristics of the worm Conficker variant C to analyse oncoming threats to modern production engineering systems. Based on the Conficker worm formalism and a component model of an exemplary production scenario (the automatic chamfering of great gears with an industrial robot) an exemplary methodology is demonstrated to analyse malware threats to component related security aspects and to compare the criticality of different malware instances for a special system. On the basis of this methodology potential threats to the security of software and hardware components of the exemplary production scenario are simulated and could also be used to illustrate security threats and protection concepts with virtual techniques to help software engineers to program secure software. The threats are illustrated by the means of four exemplary scenarios.